Gentoo Security Advisory GLSA 200404-13 (cvs)

The remote host is missing updates announced in advisory GLSA 200404-13.
All CVS users should upgrade to the latest stable version. # emerge sync # emerge -pv '>=dev-util/cvs-1.11.15' # emerge '>=dev-util/cvs-1.11.15'
There are two vulnerabilities in CVS one in the server and one in the client. These vulnerabilities allow the reading and writing of arbitrary files on both client and server.